Hi there!
I've googled quite a while and read the FAQ and many man-pages - but I
didn't find an example for my pf.conf (or simply overlooked it...):
The system is amd64-current. The client is Win7-laptop serving as
Minecraft-server, thus port 25565 needs to be forwarded but IP may change.
I have set up OpenBSD as firewall-router serving additionally as
dhcpd-server plus running a transparent squid. IP-forwarding is set in
/etc/sysctl. Basically everything is running fine, my users surf the net
and send/receive mail. Just that the other kids cannot reach my son's
Minecraft-server on the inside from the outside.
I could assign a static address to this laptop and use this address
setting up a specific rule for this one port. But this is not the way
I'd prefer to go.
I'd like to set up PF to forward this port (25565) without a pre-defined
IP as macro as the dhcpd.conf has a line defining tables for abandoned
("-A"), changed ("-C") and present leases ("-L"). According to man
dhcpd(8) those tables may be used with PF. But how??? I couldn't find
examples.
Do I have to tell PF about these tables in pf.conf? Or don't I need
these tables at all?
What would the syntax actually be for the dhcpd-client (e.g. 'enderman'),
something like the following tries?

    pass on $ext_if from $int_if:peer to any binat-to $ext_if port 25565

This is not specific to client 'enderman'... another try:

    pass out on $ext_if inet from $int_if to any \
        nat-to enderman:peer static-port
    pass in on $ext_if inet from any to $int_if rdr-to enderman:peer

This rule is not specific to port 25565, though.
Please help - I am pretty confused...
TIA.
Best,
STEFAN